AVLEONOV Podcast

Hello everyone! In this episode, I will talk about the February updates of my open source projects, also about projects at my main job at Positive Technologies and interesting vulnerabilities. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! It has been 3 months since the last episode. I spent most of this time improving my Vulristics project. So in this episode, let’s take a look at what’s been done. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! October was an interesting and busy month for me. I started a new job, worked on my open source Vulristics project, and analyzed vulnerabilities using it. Especially Linux vulnerabilities as part of my new Linux Patch Wednesday project. And, of course, analyzed Microsoft Patch Tuesday as well. In addition, at the end of October I was a guest lecturer at MIPT/PhysTech university. But first thing first. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! On the last day of September, I decided to record another retrospective episode on how my Vulnerability Management month went. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This month I decided NOT to make an episode completely dedicated to Microsoft Patch Tuesday. Instead, this episode will be an answer to the question of how my Vulnerability Management month went. A retrospection of some kind. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for July 2023, including vulnerabilities that were added between June and July Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I optimized the detection of the vulnerable product and the type of vulnerability based on the description. Now processing already downloaded data (with option –rewrite-flag "False") takes a few seconds. For example, only ~3 seconds for 100 MS Patch Tuesday vulnerabilities. It used to take a few minutes. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for June 2023, including vulnerabilities that were added between May and June Patch Tuesdays. This time there were only 3 vulnerabilities used in attacks or with a public exploit. And only one of them is more or less relevant. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2023, including vulnerabilities that were added between April and May Patch Tuesdays. It's been a long time since we've had such tiny Patch Tuesday. 57 CVEs, including CVEs appeared during the month. And only 38 without them!

Hello everyone! This episode will be about Microsoft Patch Tuesday for April 2023, including vulnerabilities that were added between March and April Patch Tuesdays. Compared to March, Microsoft Patch Tuesday for April 2023 is kind of weak.

Hello everyone! This episode will focus on the news from my open source Vulristics project for vulnerability analysis and prioritization. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for March 2023, including vulnerabilities that were added between February and March Patch Tuesdays. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for February 2023, including vulnerabilities that were added between January and February Patch Tuesdays. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for January 2023, including vulnerabilities that were added between December and January Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I took the comments about the vulnerabilities from the Qualys, Nessus, Rapid7 and ZDI Patch Tuesday reviews. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! As we saw in the last episode, the results of vulnerability detection for one host produced by two different APIs can vary greatly. Therefore, in order to find out the truth, it is necessary to understand what vulnerability data is provided by the Linux distribution vendor and how this data is structured. Why is it important to do this? Because using data from a Linux distribution vendor, we can ask vulnerability detection API vendors questions: why are you detecting in a different way than described in this data? And then we will understand what caused the difference. And we will either adjust the API for vulnerability detection, or we will adjust the content of the Linux distribution vendor. Either way, it will be a success! In any case, the transparency of the vulnerability detection process will increase. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It's especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. I just had to do the final test. Many thanks to them for this! Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for December 2022, including vulnerabilities that were added between November and December Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. But let's start with an older vulnerability. This will be another example why vulnerability prioritization is a tricky thing and you should patch everything. In the September Microsoft Patch Tuesday there was a vulnerability Information Disclosure – SPNEGO Extended Negotiation (NEGOEX) Security Mechanism (CVE-2022-37958), which was completely unnoticed by everyone. Not a single VM vendor paid attention to it in their reviews. I didn't pay attention either. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! In my English-language telegram chat avleonovchat, the question was asked: “How to find zero day vulnerabilities with Qualys?” Apparently this question can be expanded. Not just with Qualys, but with any VM solution in general. And is it even possible? There was an interesting discussion. The question is not so straightforward. To answer it, we need to define what a Zero Day vulnerability is. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for November 2022, including vulnerabilities that were added between October and November Patch Tuesdays. As usual, I use my open source Vulristics project to create the report. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for October 2022, including vulnerabilities that were added between September and October Patch Tuesdays. As usual, I use my open source Vulristics project to create the report. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about the new hot twenty vulnerabilities from CISA, NSA and FBI, Joint cybersecurity advisory (CSA) AA22-279A, and how I analyzed these vulnerabilities using my open source project Vulristics. Americans can't just release a list of "20 vulnerabilities most commonly exploited in attacks on American organizations." They like to add geopolitics and point the finger at some country. Therefore, I leave the attack attribution mentioned in the advisory title without comment. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! Five years ago I wrote a blogpost about OpenSCAP. But it was only about the SCAP Workbench GUI application and how to use it to detect security misconfigurations. This time, I will install the OpenSCAP command line tool on Ubuntu and use it to check for vulnerabilities on my local host. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! Let's take a look at Microsoft's September Patch Tuesday. This time it is quite compact. There were 63 CVEs released on Patch Tuesday day. If we add the vulnerabilities released between August and September Patch Tuesdays (as usual, they were in Microsoft Edge), the final number is 90. Much less than usual. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This video was recorded for the VMconf 22 Vulnerability Management conference, vmconf.pw. I will be talking about my open source project Scanvus. This project is already a year old and I use it almost every day. Scanvus (Simple Credentialed Authenticated Network VUlnerability Scanner) is a vulnerability scanner for Linux. Currently for Ubuntu, Debian, CentOS, RedHat, Oracle Linux and Alpine distributions. But in general for any Linux distribution supported by the Vulners Linux API. The purpose of this utility is to get a list of packages and Linux distribution version from some source, make a request to an external vulnerabililty detection API (only Vulners Linux API is currently supported), and show the vulnerability report. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! In this episode, let's take a look at the Microsoft Patch Tuesday August 2022 vulnerabilities. I use my Vulristics vulnerability prioritization tool as usual. I take comments for vulnerabilities from Tenable, Qualys, Rapid7, ZDI and Kaspersky blog posts. Also, as usual, I take into account the vulnerabilities added between the July and August Patch Tuesdays. There were 147 vulnerabilities. Urgent: 1, Critical: 0, High: 36, Medium: 108, Low: 2. There was a lot of great stuff this Patch Tuesday. There was a critical exploited in the wild MSDT DogWalk vulnerability, 3 critical Exchange vulnerabilities that could be easily missed in prioritization, 13 potentially dangerous vulnerabilities, 2 funny vulnerabilities and 3 mysterious ones. Let's take a closer look. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This is the second episode of Vulnerability Management news and publications. In fact, This is the second episode of Vulnerability Management news and publications. In fact, this is a collection of my posts from the https://t.me/avleonovcom and https://t.me/avleonovrus telegram channels. Therefore, if you want to read them earlier, subscribe to these channels. The main idea of ​​this episode. Microsoft is a biased company. In fact, they should now be perceived as another US agency. Does this mean that we need to forget about Microsoft and stop tracking what they do? No, it doesn't. They do a lot of interesting things that can at least be researched and copied. Does this mean that we need to stop using Microsoft products? In some locations (you know which ones) for sure, in some we can continue to use such products if it is reasonable, but it's necessary to have a plan B. And this does not only apply to Microsoft. So, it's time for a flexible approaches. Here we do it this way, there we do it differently. It seems that rather severe fragmentation of the IT market is a long-term trend and it's necessary to adapt to it. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! Microsoft has been acting weird lately. I mean the recent publication of a propaganda report about evil Russians and how Microsoft is involved in the conflict between countries. It wouldn't be unusual for a US government agency, NSA or CIA to publish such a report. But when a global IT vendor, which, in theory, should be more or less neutral, does this… This is a clear signal. It's not about business anymore. I'll take a closer look at this report in the next episode of the Vulnerability Management news, but for now let's take a look at Microsoft July Patch Tuesday. Yes, the vendor is behaving strangely, but Microsoft products need to be patched. Right? At least for now. And tracking vulnerabilities is always a good thing.

Hello everyone! In this episode, I will try to revive Security News with a focus on Vulnerability Management. On the one hand, creating such reviews requires free time, which could be spent more wisely, for example, on open source projects or original research. On the other hand, there are arguments in favor of news reviews. Keeping track of the news is part of our job as vulnerability and security specialists. And preferably not only headlines. I usually follow the news using my automated telegram channel @avleonovnews. And it looks like this: I see something interesting in the channel, I copy it to Saved Messages so that I can read it later. Do I read it later? Well, usually not. Therefore, the creation of news reviews motivates to read and clear Saved Messages. Just like doing Microsoft Patch Tuesday reviews motivates me to watch what's going on there. In general, it seems it makes sense to make a new attempt. Share in the comments what you think about it. Well, if you want to participate in the selection of news, I will be glad too. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This will be an episode about the Microsoft vulnerabilities that were released on June Patch Tuesday and also between May and June Patch Tuesdays. On June Patch Tuesday, June 14, 56 vulnerabilities were released. Between May and June Patch Tuesdays, 38 vulnerabilities were released. This gives us 94 vulnerabilities in the report. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! In this short episode, I want to talk about the new feature in Vulners Linux API. Linux security bulletin publication dates are now included in scan results. Why is it useful? Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! In this episode, I want to talk about the Positive Hack Days 11 conference, which took place on May 18 and 19 in Moscow. As usual, I want to express my personal opinion about this event. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about the AM Live Vulnerability Management online conference. I participated in it on May 17th. The event lasted 2 hours. Repeating everything that has been said is difficult and makes little sense. Those who want can watch the full video or read the article about the event (both in Russian). Here I would like to share my impressions, compare this event with last year's and express my position. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2022. Sorry for the delay, this month has been quite intense. As usual, I'm using my Vulristics project and going through not only the vulnerabilities that were presented on May 10th, but all the MS vulnerabilities presented by Microsoft since the previous Patch Tuesday, April 12th. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! In this episode, I want to talk about the latest updates to my open source vulnerability prioritization project Vulristics. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This video was recorded for the VMconf 22 Vulnerability Management conference, vmconf.pw. I will be talking about malicious open source and the cost of using someone else's code. We must start with the fact that this year is fundamentally different. We now live in The New Reality of Information Security (TNRoIS). It has become quite clear that Open Source tools and code can harm your organization, because project maintainers can easily inject malicious features into their projects. Now they are actually doing it! Hypothetical threats have become quite real! Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for April 2022 and new improvements in my Vulristics project. I decided to add more comment sources. Because it's not just Tenable, Qualys, Rapid7 and ZDI make Microsoft Patch Tuesday reviews, but also other security companies and bloggers. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! After a two-year break, I took part in Moscow CISO Forum 2022 with a small talk "Malicious open source: the cost of using someone else's code". CISO Forum is the first major Russian conference since the beginning of The New Reality of Information Security (TNRoIS). My presentation was just on this topic. How malicious commits in open source projects change development and operations processes. I will make a separate video about this. In this episode, I would like to tell you a little about the conference itself. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! In this episode, let's take a look at the latest vulnerabilities in Gitlab. On March 31, the Critical Security Release for GitLab Community Edition (CE) and Enterprise Edition (EE) was released. GitLab recommends that all installations running a version affected by the issues described in the bulletin are upgraded to the latest version as soon as possible. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about last week's high-profile vulnerabilities in Spring. Let's figure out what happened. Of course, it's amazing how fragmented the software development world has become. Now there are so many technologies, programming languages, libraries and frameworks! It becomes very difficult to keep them all in sight. Especially if it's not the stack you use every day. Entropy keeps growing every year. Programmers are relying more and more on off-the-shelf libraries and frameworks, even where it may not be fully justified. And vulnerabilities in these off-the-shelf components lead to huge problems. So it was in the case of a very critical Log4Shell vulnerability, so it may be in the case of Spring vulnerabilities. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! In this episode, I would like to talk about Github and how to remove sensitive information that was accidentally uploaded there. This is a fairly common problem. When publishing the project code on Github, developers forget to remove credentials: logins, passwords, tokens. What to do if this becomes known? Well, of course, these credentials must be urgently changed. What was publicly available on the Internet cannot be completely removed. This data is indexed and copied by some systems. But wiping it from github.com is real. Why is it not enough to just delete the file in the Github repository? The problem is that the history of changes for the file will remain and everything will be visible there. Surprisingly, there is still no tool in the Github web interface to remove the history for a file. You have to use third-party utilities, one of them is git-filter-repo. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! I am glad to greet you from the most sanctioned country in the world. Despite all the difficulties, we carry on. I even have some time to release new episodes. This time it will be about Microsoft Patch Tuesday for March 2022. I do the analysis as usual with my open source tool Vulristics. You can still download it on github. I hope that github won't block Russian repositories and accounts, but for now it looks possible. Most likely, I will just start hosting the sources of my projects on avleonov.com in this case. Or on another domain, if it gets even tougher. Stay tuned. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for February 2022. I release it pretty late, because of the my previous big episode about the blindspots in the Knowledge Bases of Vulnerability Scanners. Please take a look if you haven't seen it. Well, if you are even slightly interested in the world news, you can imagine that the end of February 2022 in Eastern Europe is not the best time to create new content on Vulnerability Management. Let's hope that peace and tranquility will be restored soon. And also that geopolitical confrontation between the largest nuclear powers will de-escalate somehow. But let's get back to information security. While working on Microsoft Patch Tuesday report for February 2022, I made a lot of improvements to my open source project for vulnerability prioritization Vulristics. I want to start with them. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This video was recorded for the VMconf22 Vulnerability Management conference. I want to talk about the blind spots in the knowledge bases of Vulnerability Scanners and Vulnerability Management products. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! As you probably know, CentOS Linux, the main Enterprise-level Linux server distribution, will soon disappear. It wasn't hard to predict when RedHat acquired CentOS in 2014, and now it is actually happening. End of life of CentOS Linux 8 was 31.12.2021. There won't be CentOS Linux as downstream for RedHat anymore. Only CentOS Stream, that will be upstream for RedHat, more or less a testing distro like Fedora. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about Microsoft Patch Tuesday for January 2022. Traditionally, I will use my open source Vulristics tool for analysis. This time I didn't make any changes to how connectors work. The report generation worked correctly on the first try. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! In this episode, I want to talk about VMconf 22. It was an experiment from the beginning. Is it possible to host a Vulnerability Management event with little effort and budget? Looks like no. So I would like to talk about why the original idea failed and the future of VMconf. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! I decided to make a separate episode about Log4Shell. Of course, there have already been many reviews of this vulnerability. But I do it primarily for myself. It seems to me that serious problems with Log4j and similar libraries will be with us for a long time. Therefore, it would be interesting to document how it all began. So what is the root cause of Log4Shell? Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! It's even strange to talk about other vulnerabilities, while everyone is so focused on vulnerabilities in log4j. But life doesn't stop. Other vulnerabilities appear every day. And of course, there are many critical ones among them that require immediate patching. This episode will be about Microsoft Patch Tuesday for December 2021. I will traditionally use my open source Vulristics tool for analysis. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! In this episode, I want to talk about vulnerabilities, news and hype. The easiest way to get timely information on the most important vulnerabilities is to just read the news regularly, right? Well, I will try to reflect on this using two examples from last week. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode is about Qualys Security Day 2021 Las Vegas, Qualys VMDR, VMDR Training and exam. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! In this episode I want to highlight the latest changes in my Vulristics project. For those who don't know, this is a utility for prioritizing CVE vulnerabilities based on data from various sources.. Currently Microsoft, NVD, Vulners, AttackerKB. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Hello everyone! This episode will be about the VMconf 22 Vulnerability Management conference. CFP started on November 1, which will last a month and a half. So please submit your talk or share this video with someone who might be interested. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.